% !TEX root =  main.tex

\subsection{secureUML}
\label{sec:SecureUML}

\begin{figure}[t]
	\centering
	\includegraphics[width=\columnwidth]{./figures/secureUML}
	\caption{secureUML Y-Process}
	\label{fig:secureUML}
\end{figure}

Basin \etal have proposed  \emph{secureUML}
\cite{Basin:2011:DMS:1998441.1998443,Basin:2003:MDS:775412.775425,Basin:2006:MDS:1125808.1125810},
a \UML profile for security engineering.

\smallskip\noindent \textbf{Security Concerns.}\hspace{0.5cm} 
\emph{secureUML} is designed to model and analyze \rbac (Role-Based Access Control). 

\smallskip\noindent \textbf{Modeling.}\hspace{0.5cm} 
Derived from \mof(Meta-Object Facility), the schema of Basin's proposal consists
of:
\begin{itemize}
	\item A \emph{security modeling language}, \ie \emph{secureUML}, for expressing
	security policies (\rbac);
	\item A \emph{system design modeling language}, namely \emph{componentUML} or
	\emph{controllerUML}, for constructing design models against concrete
	scenarios;
	\item A \emph{dialect} provides a bridge by defining the connection points for
	integrating security models and system models.
\end{itemize}

Both \emph{secureUML} or system design modeling languages incorporate an
explicit \emph{abstract syntax} which defines the language primitives used to
build models and a \emph{concrete syntax} which is the notation defines
representation of these primitives.

The \emph{dialect} is a mapping between the abstract syntaxes of system
design modeling language and \emph{secureUML}. It uses sub-typing to classify
construct elements of the \rbac models expressed in \emph{secureUML} as
belonging to subtypes in business models expressed in the system design modeling
languages. As an example, it connects elements in the system design model
representing actions and resources to their corresponding elements in the
security model.

\smallskip\noindent \textbf{Transformation.}\hspace{0.5cm} The composed model
can be amenably transformed basic system code or infrastructure, \ie Entreprise
JavaBeans (EJB) or or alternatively Microsoft Enterprise Services (.NET).

\smallskip\noindent \textbf{Analysis.}\hspace{0.5cm} The \rbac policy
verification can be performed by queries of \textsc{Ocl} (Object Constraint
Language) constraints defined on the composed model
\cite{Basin:2009:AAS:1512996.1513226}. There exists no clearly developed
mechanism for traceability.

The schema of \emph{secureUML} may be synthesized as a 
\emph{Y-Process} as shown in \fig \ref{fig:secureUML}.
